{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T16:56:11Z","timestamp":1777568171182,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":44,"publisher":"ACM","license":[{"start":{"date-parts":[[2023,7,10]],"date-time":"2023-07-10T00:00:00Z","timestamp":1688947200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"CSIRO's Data61"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2023,7,10]]},"DOI":"10.1145\/3579856.3590334","type":"proceedings-article","created":{"date-parts":[[2023,7,5]],"date-time":"2023-07-05T14:52:13Z","timestamp":1688568733000},"page":"122-135","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":10,"title":["LoDen: Making Every Client in Federated Learning a Defender Against the Poisoning Membership Inference Attacks"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-5550-5845","authenticated-orcid":false,"given":"Mengyao","family":"Ma","sequence":"first","affiliation":[{"name":"The University of Queensland, Australia and CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5611-3483","authenticated-orcid":false,"given":"Yanjun","family":"Zhang","sequence":"additional","affiliation":[{"name":"University of Technology Sydney, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4286-3774","authenticated-orcid":false,"given":"Pathum Chamikara Mahawaga","family":"Arachchige","sequence":"additional","affiliation":[{"name":"CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9330-2662","authenticated-orcid":false,"given":"Leo Yu","family":"Zhang","sequence":"additional","affiliation":[{"name":"Griffith University, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6138-7742","authenticated-orcid":false,"given":"Mohan Baruwal","family":"Chhetri","sequence":"additional","affiliation":[{"name":"CSIRO's Data61, Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-6390-9890","authenticated-orcid":false,"given":"Guangdong","family":"Bai","sequence":"additional","affiliation":[{"name":"The University of Queensland, Australia"}]}],"member":"320","published-online":{"date-parts":[[2023,7,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978318"},{"key":"e_1_3_2_1_2_1","volume-title":"A little is enough: Circumventing defenses for distributed learning. Advances in Neural Information Processing Systems 32","author":"Baruch Gilad","year":"2019","unstructured":"Gilad Baruch , Moran Baruch , and Yoav Goldberg . 2019. A little is enough: Circumventing defenses for distributed learning. Advances in Neural Information Processing Systems 32 ( 2019 ). Gilad Baruch, Moran Baruch, and Yoav Goldberg. 2019. A little is enough: Circumventing defenses for distributed learning. Advances in Neural Information Processing Systems 32 (2019)."},{"key":"e_1_3_2_1_3_1","volume-title":"Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389","author":"Biggio Battista","year":"2012","unstructured":"Battista Biggio , Blaine Nelson , and Pavel Laskov . 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 ( 2012 ). Battista Biggio, Blaine Nelson, and Pavel Laskov. 2012. Poisoning attacks against support vector machines. arXiv preprint arXiv:1206.6389 (2012)."},{"key":"e_1_3_2_1_4_1","volume-title":"Proceedings of the 31st International Conference on Neural Information Processing Systems.","author":"Blanchard Peva","year":"2017","unstructured":"Peva Blanchard , El\u00a0Mahdi El\u00a0Mhamdi , Rachid Guerraoui , and Julien Stainer . 2017 . Machine learning with adversaries: Byzantine tolerant gradient descent . In Proceedings of the 31st International Conference on Neural Information Processing Systems. Peva Blanchard, El\u00a0Mahdi El\u00a0Mhamdi, Rachid Guerraoui, and Julien Stainer. 2017. Machine learning with adversaries: Byzantine tolerant gradient descent. In Proceedings of the 31st International Conference on Neural Information Processing Systems."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1137\/16M1080173"},{"key":"e_1_3_2_1_6_1","volume-title":"28th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society.","author":"Cao Xiaoyu","year":"2021","unstructured":"Xiaoyu Cao , Minghong Fang , Jia Liu , and Neil\u00a0Zhenqiang Gong . 2021 . FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping . In 28th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society. Xiaoyu Cao, Minghong Fang, Jia Liu, and Neil\u00a0Zhenqiang Gong. 2021. FLTrust: Byzantine-robust Federated Learning via Trust Bootstrapping. In 28th Annual Network and Distributed System Security Symposium, NDSS. The Internet Society."},{"key":"e_1_3_2_1_7_1","volume-title":"Differentially private empirical risk minimization.Journal of Machine Learning Research 12, 3","author":"Chaudhuri Kamalika","year":"2011","unstructured":"Kamalika Chaudhuri , Claire Monteleoni , and Anand\u00a0 D Sarwate . 2011. Differentially private empirical risk minimization.Journal of Machine Learning Research 12, 3 ( 2011 ). Kamalika Chaudhuri, Claire Monteleoni, and Anand\u00a0D Sarwate. 2011. Differentially private empirical risk minimization.Journal of Machine Learning Research 12, 3 (2011)."},{"key":"e_1_3_2_1_8_1","volume-title":"Revisiting distributed synchronous SGD. arXiv preprint arXiv:1604.00981","author":"Chen Jianmin","year":"2016","unstructured":"Jianmin Chen , Xinghao Pan , Rajat Monga , Samy Bengio , and Rafal Jozefowicz . 2016. Revisiting distributed synchronous SGD. arXiv preprint arXiv:1604.00981 ( 2016 ). Jianmin Chen, Xinghao Pan, Rajat Monga, Samy Bengio, and Rafal Jozefowicz. 2016. Revisiting distributed synchronous SGD. arXiv preprint arXiv:1604.00981 (2016)."},{"key":"e_1_3_2_1_9_1","volume-title":"2018 IEEE Symposium on Security and Privacy. IEEE.","author":"Das Debajyoti","year":"2018","unstructured":"Debajyoti Das , Sebastian Meiser , Esfandiar Mohammadi , and Aniket Kate . 2018 . Anonymity trilemma: Strong anonymity, low bandwidth overhead, low latency-choose two . In 2018 IEEE Symposium on Security and Privacy. IEEE. Debajyoti Das, Sebastian Meiser, Esfandiar Mohammadi, and Aniket Kate. 2018. Anonymity trilemma: Strong anonymity, low bandwidth overhead, low latency-choose two. In 2018 IEEE Symposium on Security and Privacy. IEEE."},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSP.2012.2211477"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.5555\/1791834.1791836"},{"key":"e_1_3_2_1_12_1","volume-title":"Theory of cryptography conference","author":"Dwork Cynthia","unstructured":"Cynthia Dwork , Frank McSherry , Kobbi Nissim , and Adam Smith . 2006. Calibrating noise to sensitivity in private data analysis . In Theory of cryptography conference . Springer , 265\u2013284. Cynthia Dwork, Frank McSherry, Kobbi Nissim, and Adam Smith. 2006. Calibrating noise to sensitivity in private data analysis. In Theory of cryptography conference. Springer, 265\u2013284."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/3489212.3489304"},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2019.2909068"},{"key":"e_1_3_2_1_15_1","volume-title":"Proceedings of the International Conference on Software Engineering.","author":"Guan Hao","year":"2023","unstructured":"Hao Guan , Ying Xiao , Jiaying Li , Yepang Liu , and Guangdong Bai . 2023 . A Comprehensive Study of Real-World Bugs in Machine Learning Model Optimization . In Proceedings of the International Conference on Software Engineering. Hao Guan, Ying Xiao, Jiaying Li, Yepang Liu, and Guangdong Bai. 2023. A Comprehensive Study of Real-World Bugs in Machine Learning Model Optimization. In Proceedings of the International Conference on Software Engineering."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the 2019 ACM SIGSAC conference on computer and communications security.","author":"Jia Jinyuan","year":"2019","unstructured":"Jinyuan Jia , Ahmed Salem , Michael Backes , Yang Zhang , and Neil\u00a0Zhenqiang Gong . 2019 . Memguard: Defending against black-box membership inference attacks via adversarial examples . In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security. Jinyuan Jia, Ahmed Salem, Michael Backes, Yang Zhang, and Neil\u00a0Zhenqiang Gong. 2019. Memguard: Defending against black-box membership inference attacks via adversarial examples. In Proceedings of the 2019 ACM SIGSAC conference on computer and communications security."},{"key":"e_1_3_2_1_17_1","volume-title":"Advances and open problems in federated learning. Foundations and Trends\u00ae in Machine Learning 14, 1\u20132","author":"Kairouz Peter","year":"2021","unstructured":"Peter Kairouz , H\u00a0Brendan McMahan , Brendan Avent , Aur\u00e9lien Bellet , Mehdi Bennis , Arjun\u00a0Nitin Bhagoji , Kallista Bonawitz , Zachary Charles , Graham Cormode , Rachel Cummings , 2021. Advances and open problems in federated learning. Foundations and Trends\u00ae in Machine Learning 14, 1\u20132 ( 2021 ), 1\u2013210. Peter Kairouz, H\u00a0Brendan McMahan, Brendan Avent, Aur\u00e9lien Bellet, Mehdi Bennis, Arjun\u00a0Nitin Bhagoji, Kallista Bonawitz, Zachary Charles, Graham Cormode, Rachel Cummings, 2021. Advances and open problems in federated learning. Foundations and Trends\u00ae in Machine Learning 14, 1\u20132 (2021), 1\u2013210."},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1038\/s42256-020-0186-1"},{"key":"e_1_3_2_1_19_1","unstructured":"Alex Krizhevsky Geoffrey Hinton 2009. Learning multiple layers of features from tiny images. (2009).  Alex Krizhevsky Geoffrey Hinton 2009. Learning multiple layers of features from tiny images. (2009)."},{"key":"e_1_3_2_1_20_1","volume-title":"A simple weight decay can improve generalization. Advances in neural information processing systems 4","author":"Krogh Anders","year":"1991","unstructured":"Anders Krogh and John Hertz . 1991. A simple weight decay can improve generalization. Advances in neural information processing systems 4 ( 1991 ). Anders Krogh and John Hertz. 1991. A simple weight decay can improve generalization. Advances in neural information processing systems 4 (1991)."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/3411501.3419420"},{"key":"e_1_3_2_1_22_1","volume-title":"Lomar: A local defense against poisoning attack on federated learning","author":"Li Xingyu","year":"2021","unstructured":"Xingyu Li , Zhe Qu , Shangqing Zhao , Bo Tang , Zhuo Lu , and Yao Liu . 2021 . Lomar: A local defense against poisoning attack on federated learning . IEEE Transactions on Dependable and Secure Computing ( 2021). Xingyu Li, Zhe Qu, Shangqing Zhao, Bo Tang, Zhuo Lu, and Yao Liu. 2021. Lomar: A local defense against poisoning attack on federated learning. IEEE Transactions on Dependable and Secure Computing (2021)."},{"key":"e_1_3_2_1_23_1","volume-title":"Federated learning","author":"Long Guodong","unstructured":"Guodong Long , Yue Tan , Jing Jiang , and Chengqi Zhang . 2020. Federated learning for open banking . In Federated learning . Springer , 240\u2013254. Guodong Long, Yue Tan, Jing Jiang, and Chengqi Zhang. 2020. Federated learning for open banking. In Federated learning. Springer, 240\u2013254."},{"key":"e_1_3_2_1_24_1","volume-title":"Understanding membership inferences on well-generalized learning models. arXiv preprint arXiv:1802.04889","author":"Long Yunhui","year":"2018","unstructured":"Yunhui Long , Vincent Bindschaedler , Lei Wang , Diyue Bu , Xiaofeng Wang , Haixu Tang , Carl\u00a0 A Gunter , and Kai Chen . 2018. Understanding membership inferences on well-generalized learning models. arXiv preprint arXiv:1802.04889 ( 2018 ). Yunhui Long, Vincent Bindschaedler, Lei Wang, Diyue Bu, Xiaofeng Wang, Haixu Tang, Carl\u00a0A Gunter, and Kai Chen. 2018. Understanding membership inferences on well-generalized learning models. arXiv preprint arXiv:1802.04889 (2018)."},{"key":"e_1_3_2_1_25_1","volume-title":"Proceedings, Part I. Springer.","author":"Mahawaga\u00a0Arachchige Pathum\u00a0Chamikara","year":"2022","unstructured":"Pathum\u00a0Chamikara Mahawaga\u00a0Arachchige , Dongxi Liu , Seyit Camtepe , Surya Nepal , Marthie Grobler , Peter Bertok , and Ibrahim Khalil . 2022 . Local Differential Privacy for Federated Learning. In Computer Security\u2013ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26\u201330, 2022 , Proceedings, Part I. Springer. Pathum\u00a0Chamikara Mahawaga\u00a0Arachchige, Dongxi Liu, Seyit Camtepe, Surya Nepal, Marthie Grobler, Peter Bertok, and Ibrahim Khalil. 2022. Local Differential Privacy for Federated Learning. In Computer Security\u2013ESORICS 2022: 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, September 26\u201330, 2022, Proceedings, Part I. Springer."},{"key":"e_1_3_2_1_26_1","volume-title":"2022 IEEE Symposium on Security and Privacy. IEEE Computer Society.","author":"Mahloujifar Saeed","year":"2022","unstructured":"Saeed Mahloujifar , Esha Ghosh , and Melissa Chase . 2022 . Property Inference from Poisoning . In 2022 IEEE Symposium on Security and Privacy. IEEE Computer Society. Saeed Mahloujifar, Esha Ghosh, and Melissa Chase. 2022. Property Inference from Poisoning. In 2022 IEEE Symposium on Security and Privacy. IEEE Computer Society."},{"key":"e_1_3_2_1_27_1","unstructured":"Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise\u00a0Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR.  Brendan McMahan Eider Moore Daniel Ramage Seth Hampson and Blaise\u00a0Aguera y Arcas. 2017. Communication-efficient learning of deep networks from decentralized data. In Artificial intelligence and statistics. PMLR."},{"key":"e_1_3_2_1_28_1","volume-title":"2019 IEEE Symposium on Security and Privacy. IEEE.","author":"Melis Luca","year":"2019","unstructured":"Luca Melis , Congzheng Song , Emiliano De\u00a0Cristofaro , and Vitaly Shmatikov . 2019 . Exploiting unintended feature leakage in collaborative learning . In 2019 IEEE Symposium on Security and Privacy. IEEE. Luca Melis, Congzheng Song, Emiliano De\u00a0Cristofaro, and Vitaly Shmatikov. 2019. Exploiting unintended feature leakage in collaborative learning. In 2019 IEEE Symposium on Security and Privacy. IEEE."},{"key":"e_1_3_2_1_29_1","volume-title":"Advances in Knowledge Discovery and Data Mining: 27th Pacific-Asia Conference. Springer.","author":"Meng Mark\u00a0Huasong","year":"2023","unstructured":"Mark\u00a0Huasong Meng , Sin\u00a0 G Teo , Guangdong Bai , Kailong Wang , and Jin\u00a0Song Dong . 2023 . Enhancing Federated Learning Robustness using Data-Agnostic Model Pruning . In Advances in Knowledge Discovery and Data Mining: 27th Pacific-Asia Conference. Springer. Mark\u00a0Huasong Meng, Sin\u00a0G Teo, Guangdong Bai, Kailong Wang, and Jin\u00a0Song Dong. 2023. Enhancing Federated Learning Robustness using Data-Agnostic Model Pruning. In Advances in Knowledge Discovery and Data Mining: 27th Pacific-Asia Conference. Springer."},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243855"},{"key":"e_1_3_2_1_31_1","volume-title":"2019 IEEE symposium on security and privacy. IEEE.","author":"Nasr Milad","year":"2019","unstructured":"Milad Nasr , Reza Shokri , and Amir Houmansadr . 2019 . Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning . In 2019 IEEE symposium on security and privacy. IEEE. Milad Nasr, Reza Shokri, and Amir Houmansadr. 2019. Comprehensive privacy analysis of deep learning: Passive and active white-box inference attacks against centralized and federated learning. In 2019 IEEE symposium on security and privacy. IEEE."},{"key":"e_1_3_2_1_32_1","unstructured":"Do\u00a0Le Quoc and Christof Fetzer. 2021. SecFL: Confidential Federated Learning using TEEs. arXiv preprint arXiv:2110.00981 (2021).  Do\u00a0Le Quoc and Christof Fetzer. 2021. SecFL: Confidential Federated Learning using TEEs. arXiv preprint arXiv:2110.00981 (2021)."},{"key":"e_1_3_2_1_33_1","volume-title":"An overview of gradient descent optimization algorithms. arXiv preprint arXiv:1609.04747","author":"Ruder Sebastian","year":"2016","unstructured":"Sebastian Ruder . 2016. An overview of gradient descent optimization algorithms. arXiv preprint arXiv:1609.04747 ( 2016 ). Sebastian Ruder. 2016. An overview of gradient descent optimization algorithms. arXiv preprint arXiv:1609.04747 (2016)."},{"key":"e_1_3_2_1_34_1","volume-title":"Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246","author":"Salem Ahmed","year":"2018","unstructured":"Ahmed Salem , Yang Zhang , Mathias Humbert , Pascal Berrang , Mario Fritz , and Michael Backes . 2018 . Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246 (2018). Ahmed Salem, Yang Zhang, Mathias Humbert, Pascal Berrang, Mario Fritz, and Michael Backes. 2018. Ml-leaks: Model and data independent membership inference attacks and defenses on machine learning models. arXiv preprint arXiv:1806.01246 (2018)."},{"key":"e_1_3_2_1_35_1","volume-title":"Annual Computer Security Applications Conference.","author":"Shen Liyue","year":"2022","unstructured":"Liyue Shen , Yanjun Zhang , Jingwei Wang , and Guangdong Bai . 2022 . Better Together: Attaining the Triad of Byzantine-robust Federated Learning via Local Update Amplification . In Annual Computer Security Applications Conference. Liyue Shen, Yanjun Zhang, Jingwei Wang, and Guangdong Bai. 2022. Better Together: Attaining the Triad of Byzantine-robust Federated Learning via Local Update Amplification. In Annual Computer Security Applications Conference."},{"key":"e_1_3_2_1_36_1","doi-asserted-by":"publisher","DOI":"10.1145\/2810103.2813687"},{"key":"e_1_3_2_1_37_1","volume-title":"2017 IEEE symposium on security and privacy. IEEE.","author":"Shokri Reza","year":"2017","unstructured":"Reza Shokri , Marco Stronati , Congzheng Song , and Vitaly Shmatikov . 2017 . Membership inference attacks against machine learning models . In 2017 IEEE symposium on security and privacy. IEEE. Reza Shokri, Marco Stronati, Congzheng Song, and Vitaly Shmatikov. 2017. Membership inference attacks against machine learning models. In 2017 IEEE symposium on security and privacy. IEEE."},{"key":"e_1_3_2_1_38_1","volume-title":"30th USENIX Security Symposium.","author":"Song Liwei","year":"2021","unstructured":"Liwei Song and Prateek Mittal . 2021 . Systematic evaluation of privacy risks of machine learning models . In 30th USENIX Security Symposium. Liwei Song and Prateek Mittal. 2021. Systematic evaluation of privacy risks of machine learning models. In 30th USENIX Security Symposium."},{"key":"e_1_3_2_1_39_1","volume-title":"Dropout: a simple way to prevent neural networks from overfitting. The journal of machine learning research 15, 1","author":"Srivastava Nitish","year":"2014","unstructured":"Nitish Srivastava , Geoffrey Hinton , Alex Krizhevsky , Ilya Sutskever , and Ruslan Salakhutdinov . 2014. Dropout: a simple way to prevent neural networks from overfitting. The journal of machine learning research 15, 1 ( 2014 ), 1929\u20131958. Nitish Srivastava, Geoffrey Hinton, Alex Krizhevsky, Ilya Sutskever, and Ruslan Salakhutdinov. 2014. Dropout: a simple way to prevent neural networks from overfitting. The journal of machine learning research 15, 1 (2014), 1929\u20131958."},{"key":"e_1_3_2_1_40_1","volume-title":"Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963","author":"Sun Ziteng","year":"2019","unstructured":"Ziteng Sun , Peter Kairouz , Ananda\u00a0Theertha Suresh , and H\u00a0Brendan McMahan . 2019. Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963 ( 2019 ). Ziteng Sun, Peter Kairouz, Ananda\u00a0Theertha Suresh, and H\u00a0Brendan McMahan. 2019. Can you really backdoor federated learning?arXiv preprint arXiv:1911.07963 (2019)."},{"key":"e_1_3_2_1_41_1","volume-title":"International Conference on Machine Learning. PMLR.","author":"Triastcyn Aleksei","year":"2020","unstructured":"Aleksei Triastcyn and Boi Faltings . 2020 . Bayesian differential privacy for machine learning . In International Conference on Machine Learning. PMLR. Aleksei Triastcyn and Boi Faltings. 2020. Bayesian differential privacy for machine learning. In International Conference on Machine Learning. PMLR."},{"key":"e_1_3_2_1_42_1","doi-asserted-by":"publisher","DOI":"10.1007\/s41666-020-00082-4"},{"key":"e_1_3_2_1_43_1","volume-title":"International Conference on Machine Learning. PMLR.","author":"Yin Dong","year":"2018","unstructured":"Dong Yin , Yudong Chen , Ramchandran Kannan , and Peter Bartlett . 2018 . Byzantine-robust distributed learning: Towards optimal statistical rates . In International Conference on Machine Learning. PMLR. Dong Yin, Yudong Chen, Ramchandran Kannan, and Peter Bartlett. 2018. Byzantine-robust distributed learning: Towards optimal statistical rates. In International Conference on Machine Learning. PMLR."},{"key":"e_1_3_2_1_44_1","volume-title":"AgrEvader: Poisoning Membership Inference Against Byzantine-robust Federated Learning. In The ACM Web Conference (WWW).","author":"Zhang Yanjun","year":"2023","unstructured":"Yanjun Zhang , Guangdong Bai , Pathum\u00a0Chamikara Mahawaga\u00a0Arachchige , Mengyao Ma , Liyue Shen , Jingwei Wang , Surya Nepal , Minhui Xue , Long Wang , and Joseph Liu . 2023 . AgrEvader: Poisoning Membership Inference Against Byzantine-robust Federated Learning. In The ACM Web Conference (WWW). Yanjun Zhang, Guangdong Bai, Pathum\u00a0Chamikara Mahawaga\u00a0Arachchige, Mengyao Ma, Liyue Shen, Jingwei Wang, Surya Nepal, Minhui Xue, Long Wang, and Joseph Liu. 2023. AgrEvader: Poisoning Membership Inference Against Byzantine-robust Federated Learning. In The ACM Web Conference (WWW)."}],"event":{"name":"ASIA CCS '23: ACM ASIA Conference on Computer and Communications Security","location":"Melbourne VIC Australia","acronym":"ASIA CCS '23","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"]},"container-title":["Proceedings of the ACM Asia Conference on Computer and Communications Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590334","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T18:08:16Z","timestamp":1750183696000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3579856.3590334"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,7,10]]},"references-count":44,"alternative-id":["10.1145\/3579856.3590334","10.1145\/3579856"],"URL":"https:\/\/doi.org\/10.1145\/3579856.3590334","relation":{},"subject":[],"published":{"date-parts":[[2023,7,10]]},"assertion":[{"value":"2023-07-10","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}